What is Access Control?
Access Control is a one of the central of security policy where it focuses on the control policy for the user to access the authentication files or server.
Types of Access Control
- Preventive Access control
- Deterrent Access Control
- Detective Access Control
What is Access Control Techniques?
- Discretionary Access Controls is a system that use of the control where it will allow the owner or creator of an object to control and define subject access to that object. The user will get the access granted or denied in the control environment based on the identity of the subjects. The Controls environment can also be extended beyond just controlling the types of access between subjects and objects via ACLs by including or applying time controls, transaction control and other form of ID-focused controls.
- Mandatory Access Controls is a control that rely on the use of classification labels where it represents a security domain or realm of security. Subjects are labeled by their level of clearance. Objects are labeled by their level of classification or sensitivity. For example, the military uses the labels of top secrets, secret, confidential, sensitive but unclassified
- Role-Based Access Control is a system that employ role-based on the access controls which define a subject’s ability to access an object via subject roles or tasks. If a subject occupies a management position, it will have greater access to resources than a subject who is in temporary job.